From c2c9b43173895f65583fc9e087b8abac4db1c6be Mon Sep 17 00:00:00 2001 From: Lior Okman Date: Sat, 25 May 2024 13:05:07 +0300 Subject: [PATCH] bug: Tests are failing due to an expired certificate in one of the translator tests (#3476) Replaced a certificate in the test that had expired. The old certificate expired May 24 2024: Certificate: Data: Version: 1 (0x0) Serial Number: ca:7c:5c:b7:25:5d:bb:f9 Signature Algorithm: ecdsa-with-SHA256 Issuer: CN=test.example.com Validity Not Before: May 25 14:10:42 2023 GMT Not After : May 24 14:10:42 2024 GMT Subject: CN=test.example.com Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (384 bit) pub: 04:78:cb:47:0b:78:48:7a:ad:90:b1:d9:2d:4a:2f: d9:35:1f:cc:28:d6:af:4a:6d:c7:36:7e:ed:1a:88: 1f:a9:aa:a7:f0:04:a0:1c:86:bb:c9:45:3e:f8:fb: 28:0c:3e:a4:7f:ef:82:7b:bb:ac:77:49:90:3b:54: a7:75:82:16:8f:64:0b:88:8c:f4:35:91:fc:07:f4: 2b:e2:2e:c9:d0:82:b0:b1:09:54:9e:e9:d9:aa:fe: 4a:63:d4:cb:41:ad:27 ASN1 OID: secp384r1 NIST CURVE: P-384 Signature Algorithm: ecdsa-with-SHA256 Signature Value: 30:65:02:31:00:86:4e:33:e4:86:37:4c:26:a7:be:57:51:44: 8e:6c:88:ea:3c:03:58:00:a3:5e:7a:53:9e:2c:54:b3:ab:82: 25:fe:4c:e4:be:4d:8c:56:e2:da:d8:de:d2:20:ca:13:55:02: 30:0c:2a:27:a7:fd:2b:a9:87:4f:06:ea:4e:2d:cc:48:4d:9d: d7:cf:73:88:6d:98:54:18:83:6d:e5:a9:c3:84:75:c9:ee:c6: 0d:1a:15:a2:8c:68:86:88:83:17:b9:7a:9b The new certificate is good for 10 years. Certificate: Data: Version: 3 (0x2) Serial Number: 42:29:94:01:e1:cb:32:dc:f8:b4:64:6d:9e:1e:28:8d:7b:5a:53:3b Signature Algorithm: ecdsa-with-SHA256 Issuer: CN=test.example.com Validity Not Before: May 25 09:11:37 2024 GMT Not After : May 23 09:11:37 2034 GMT Subject: CN=test.example.com Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (384 bit) pub: 04:78:cb:47:0b:78:48:7a:ad:90:b1:d9:2d:4a:2f: d9:35:1f:cc:28:d6:af:4a:6d:c7:36:7e:ed:1a:88: 1f:a9:aa:a7:f0:04:a0:1c:86:bb:c9:45:3e:f8:fb: 28:0c:3e:a4:7f:ef:82:7b:bb:ac:77:49:90:3b:54: a7:75:82:16:8f:64:0b:88:8c:f4:35:91:fc:07:f4: 2b:e2:2e:c9:d0:82:b0:b1:09:54:9e:e9:d9:aa:fe: 4a:63:d4:cb:41:ad:27 ASN1 OID: secp384r1 NIST CURVE: P-384 X509v3 extensions: X509v3 Subject Key Identifier: DA:49:EA:13:99:CA:DE:10:D2:70:2B:27:E2:60:AA:E0:F4:7B:EA:50 X509v3 Authority Key Identifier: DA:49:EA:13:99:CA:DE:10:D2:70:2B:27:E2:60:AA:E0:F4:7B:EA:50 X509v3 Basic Constraints: critical CA:TRUE Signature Algorithm: ecdsa-with-SHA256 Signature Value: 30:65:02:30:6d:4e:25:4f:84:f4:38:7e:c4:de:c8:d1:55:0c: af:4b:e4:c0:a1:f3:59:de:fb:48:0a:96:07:65:29:9f:fe:7c: 3c:ee:f0:c9:ca:17:bc:cd:bd:a4:31:38:24:4f:c6:e5:02:31: 00:e6:9a:ce:52:60:4b:b8:0e:e7:23:6d:8a:69:a0:21:e5:d1: bb:e8:e9:09:6a:32:d6:8c:58:49:f4:76:86:e6:c1:b8:24:d3: 44:08:fa:1c:ef:34:70:c1:24:76:a9:35:8f Signed-off-by: Lior Okman --- ...tls-configuration-with-same-algorithm-different-fqdn.in.yaml | 2 +- ...ls-configuration-with-same-algorithm-different-fqdn.out.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/internal/gatewayapi/testdata/gateway-with-listener-with-valid-multiple-tls-configuration-with-same-algorithm-different-fqdn.in.yaml b/internal/gatewayapi/testdata/gateway-with-listener-with-valid-multiple-tls-configuration-with-same-algorithm-different-fqdn.in.yaml index 82743664172..bfe07030233 100644 --- a/internal/gatewayapi/testdata/gateway-with-listener-with-valid-multiple-tls-configuration-with-same-algorithm-different-fqdn.in.yaml +++ b/internal/gatewayapi/testdata/gateway-with-listener-with-valid-multiple-tls-configuration-with-same-algorithm-different-fqdn.in.yaml @@ -35,7 +35,7 @@ secrets: name: tls-secret-ecdsa-2 type: kubernetes.io/tls data: - tls.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJZakNCNlFJSkFNcDhYTGNsWGJ2NU1Bb0dDQ3FHU000OUJBTUNNQnN4R1RBWEJnTlZCQU1NRUhSbGMzUXUKWlhoaGJYQnNaUzVqYjIwd0hoY05Nak13TlRJMU1UUXhNRFF5V2hjTk1qUXdOVEkwTVRReE1EUXlXakFiTVJrdwpGd1lEVlFRRERCQjBaWE4wTG1WNFlXMXdiR1V1WTI5dE1IWXdFQVlIS29aSXpqMENBUVlGSzRFRUFDSURZZ0FFCmVNdEhDM2hJZXEyUXNka3RTaS9aTlIvTUtOYXZTbTNITm43dEdvZ2ZxYXFuOEFTZ0hJYTd5VVUrK1Bzb0RENmsKZisrQ2U3dXNkMG1RTzFTbmRZSVdqMlFMaUl6ME5aSDhCL1FyNGk3SjBJS3dzUWxVbnVuWnF2NUtZOVRMUWEwbgpNQW9HQ0NxR1NNNDlCQU1DQTJnQU1HVUNNUUNHVGpQa2hqZE1KcWUrVjFGRWpteUk2andEV0FDalhucFRuaXhVCnM2dUNKZjVNNUw1TmpGYmkydGplMGlES0UxVUNNQXdxSjZmOUs2bUhUd2JxVGkzTVNFMmQxODl6aUcyWVZCaUQKYmVXcHc0UjF5ZTdHRFJvVm9veG9ob2lERjdsNm13PT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo= + tls.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJ5RENDQVU2Z0F3SUJBZ0lVUWltVUFlSExNdHo0dEdSdG5oNG9qWHRhVXpzd0NnWUlLb1pJemowRUF3SXcKR3pFWk1CY0dBMVVFQXd3UWRHVnpkQzVsZUdGdGNHeGxMbU52YlRBZUZ3MHlOREExTWpVd09URXhNemRhRncwegpOREExTWpNd09URXhNemRhTUJzeEdUQVhCZ05WQkFNTUVIUmxjM1F1WlhoaGJYQnNaUzVqYjIwd2RqQVFCZ2NxCmhrak9QUUlCQmdVcmdRUUFJZ05pQUFSNHkwY0xlRWg2clpDeDJTMUtMOWsxSDh3bzFxOUtiY2MyZnUwYWlCK3AKcXFmd0JLQWNocnZKUlQ3NCt5Z01QcVIvNzRKN3U2eDNTWkE3VktkMWdoYVBaQXVJalBRMWtmd0g5Q3ZpTHNuUQpnckN4Q1ZTZTZkbXEva3BqMU10QnJTZWpVekJSTUIwR0ExVWREZ1FXQkJUYVNlb1RtY3JlRU5Kd0t5ZmlZS3JnCjlIdnFVREFmQmdOVkhTTUVHREFXZ0JUYVNlb1RtY3JlRU5Kd0t5ZmlZS3JnOUh2cVVEQVBCZ05WSFJNQkFmOEUKQlRBREFRSC9NQW9HQ0NxR1NNNDlCQU1DQTJnQU1HVUNNRzFPSlUrRTlEaCt4TjdJMFZVTXIwdmt3S0h6V2Q3NwpTQXFXQjJVcG4vNThQTzd3eWNvWHZNMjlwREU0SkUvRzVRSXhBT2FhemxKZ1M3Z081eU50aW1tZ0llWFJ1K2pwCkNXb3kxb3hZU2ZSMmh1YkJ1Q1RUUkFqNkhPODBjTUVrZHFrMWp3PT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo= tls.key: LS0tLS1CRUdJTiBFQyBQUklWQVRFIEtFWS0tLS0tCk1JR2tBZ0VCQkRDUUE5VWo0SkR5c0Q0MlJIMGI2cjU5NTlXTmlXU2ZKZlMxK2RvTjk0TzZCUGdaQUJiUTI4eTIKUTZsM3pZdklLeFNnQndZRks0RUVBQ0toWkFOaUFBUjR5MGNMZUVoNnJaQ3gyUzFLTDlrMUg4d28xcTlLYmNjMgpmdTBhaUIrcHFxZndCS0FjaHJ2SlJUNzQreWdNUHFSLzc0Sjd1NngzU1pBN1ZLZDFnaGFQWkF1SWpQUTFrZndICjlDdmlMc25RZ3JDeENWU2U2ZG1xL2twajFNdEJyU2M9Ci0tLS0tRU5EIEVDIFBSSVZBVEUgS0VZLS0tLS0K httpRoutes: - apiVersion: gateway.networking.k8s.io/v1 diff --git a/internal/gatewayapi/testdata/gateway-with-listener-with-valid-multiple-tls-configuration-with-same-algorithm-different-fqdn.out.yaml b/internal/gatewayapi/testdata/gateway-with-listener-with-valid-multiple-tls-configuration-with-same-algorithm-different-fqdn.out.yaml index b6d1092b87b..1ab6601c363 100644 --- a/internal/gatewayapi/testdata/gateway-with-listener-with-valid-multiple-tls-configuration-with-same-algorithm-different-fqdn.out.yaml +++ b/internal/gatewayapi/testdata/gateway-with-listener-with-valid-multiple-tls-configuration-with-same-algorithm-different-fqdn.out.yaml @@ -138,4 +138,4 @@ xdsIR: serverCertificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJnVENDQVNlZ0F3SUJBZ0lVRm1sOExCRzBvL1FLNFErWjdrODI0c0MyaUZ3d0NnWUlLb1pJemowRUF3SXcKRmpFVU1CSUdBMVVFQXd3TFptOXZMbUpoY2k1amIyMHdIaGNOTWpRd01qSTVNRGt6TURFd1doY05NelF3TWpJMgpNRGt6TURFd1dqQVdNUlF3RWdZRFZRUUREQXRtYjI4dVltRnlMbU52YlRCWk1CTUdCeXFHU000OUFnRUdDQ3FHClNNNDlBd0VIQTBJQUJMYVl2cUt1VlZveERvNTJlV3p2WUI1anc3RU1GODZybXlvaTVadWF5emRNdnBnNHpCcjgKUktCak5zK1QxakI4T0t1Y1MvN1JVRHgwcHorOTc2ek0zaU9qVXpCUk1CMEdBMVVkRGdRV0JCVE82K2NnMFIwZAp3dHJ6SlFQRzZnNzZoQkJVelRBZkJnTlZIU01FR0RBV2dCVE82K2NnMFIwZHd0cnpKUVBHNmc3NmhCQlV6VEFQCkJnTlZIUk1CQWY4RUJUQURBUUgvTUFvR0NDcUdTTTQ5QkFNQ0EwZ0FNRVVDSVFDMlhwUFFnUXpXYWUzYjVwWnQKR2N1TWZESjBjME9QS2NuZWdrWFoyQzRCM2dJZ1Uvc1Jrd0lwTFFOUlYrRWFZdzRQNVQ1Z1BFNlkrVnBtQzk4aApvVmpaL3pRPQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0t - name: envoy-gateway/tls-secret-ecdsa-2 privateKey: LS0tLS1CRUdJTiBFQyBQUklWQVRFIEtFWS0tLS0tCk1JR2tBZ0VCQkRDUUE5VWo0SkR5c0Q0MlJIMGI2cjU5NTlXTmlXU2ZKZlMxK2RvTjk0TzZCUGdaQUJiUTI4eTIKUTZsM3pZdklLeFNnQndZRks0RUVBQ0toWkFOaUFBUjR5MGNMZUVoNnJaQ3gyUzFLTDlrMUg4d28xcTlLYmNjMgpmdTBhaUIrcHFxZndCS0FjaHJ2SlJUNzQreWdNUHFSLzc0Sjd1NngzU1pBN1ZLZDFnaGFQWkF1SWpQUTFrZndICjlDdmlMc25RZ3JDeENWU2U2ZG1xL2twajFNdEJyU2M9Ci0tLS0tRU5EIEVDIFBSSVZBVEUgS0VZLS0tLS0K - serverCertificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJZakNCNlFJSkFNcDhYTGNsWGJ2NU1Bb0dDQ3FHU000OUJBTUNNQnN4R1RBWEJnTlZCQU1NRUhSbGMzUXUKWlhoaGJYQnNaUzVqYjIwd0hoY05Nak13TlRJMU1UUXhNRFF5V2hjTk1qUXdOVEkwTVRReE1EUXlXakFiTVJrdwpGd1lEVlFRRERCQjBaWE4wTG1WNFlXMXdiR1V1WTI5dE1IWXdFQVlIS29aSXpqMENBUVlGSzRFRUFDSURZZ0FFCmVNdEhDM2hJZXEyUXNka3RTaS9aTlIvTUtOYXZTbTNITm43dEdvZ2ZxYXFuOEFTZ0hJYTd5VVUrK1Bzb0RENmsKZisrQ2U3dXNkMG1RTzFTbmRZSVdqMlFMaUl6ME5aSDhCL1FyNGk3SjBJS3dzUWxVbnVuWnF2NUtZOVRMUWEwbgpNQW9HQ0NxR1NNNDlCQU1DQTJnQU1HVUNNUUNHVGpQa2hqZE1KcWUrVjFGRWpteUk2andEV0FDalhucFRuaXhVCnM2dUNKZjVNNUw1TmpGYmkydGplMGlES0UxVUNNQXdxSjZmOUs2bUhUd2JxVGkzTVNFMmQxODl6aUcyWVZCaUQKYmVXcHc0UjF5ZTdHRFJvVm9veG9ob2lERjdsNm13PT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo= + serverCertificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJ5RENDQVU2Z0F3SUJBZ0lVUWltVUFlSExNdHo0dEdSdG5oNG9qWHRhVXpzd0NnWUlLb1pJemowRUF3SXcKR3pFWk1CY0dBMVVFQXd3UWRHVnpkQzVsZUdGdGNHeGxMbU52YlRBZUZ3MHlOREExTWpVd09URXhNemRhRncwegpOREExTWpNd09URXhNemRhTUJzeEdUQVhCZ05WQkFNTUVIUmxjM1F1WlhoaGJYQnNaUzVqYjIwd2RqQVFCZ2NxCmhrak9QUUlCQmdVcmdRUUFJZ05pQUFSNHkwY0xlRWg2clpDeDJTMUtMOWsxSDh3bzFxOUtiY2MyZnUwYWlCK3AKcXFmd0JLQWNocnZKUlQ3NCt5Z01QcVIvNzRKN3U2eDNTWkE3VktkMWdoYVBaQXVJalBRMWtmd0g5Q3ZpTHNuUQpnckN4Q1ZTZTZkbXEva3BqMU10QnJTZWpVekJSTUIwR0ExVWREZ1FXQkJUYVNlb1RtY3JlRU5Kd0t5ZmlZS3JnCjlIdnFVREFmQmdOVkhTTUVHREFXZ0JUYVNlb1RtY3JlRU5Kd0t5ZmlZS3JnOUh2cVVEQVBCZ05WSFJNQkFmOEUKQlRBREFRSC9NQW9HQ0NxR1NNNDlCQU1DQTJnQU1HVUNNRzFPSlUrRTlEaCt4TjdJMFZVTXIwdmt3S0h6V2Q3NwpTQXFXQjJVcG4vNThQTzd3eWNvWHZNMjlwREU0SkUvRzVRSXhBT2FhemxKZ1M3Z081eU50aW1tZ0llWFJ1K2pwCkNXb3kxb3hZU2ZSMmh1YkJ1Q1RUUkFqNkhPODBjTUVrZHFrMWp3PT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=